Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/iG_f4s4qB2qt1jFUPp_eHldOycc.roa
File: iG_f4s4qB2qt1jFUPp_eHldOycc.roa (raw, json)
Hash identifier: h8PBwaVD+QQV1UoPwBpK19Tpij7XBoVc/MTz3dJl0f0=
Subject key identifier: 88:6F:DF:E2:CE:2A:07:6A:AD:D6:31:54:3E:9F:DE:1E:57:4E:C9:C7
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 4308613A
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/iG_f4s4qB2qt1jFUPp_eHldOycc.roa
Signing time: Wed 18 May 2022 09:01:17 +0000
ROA not before: Wed 18 May 2022 09:01:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50939
IP address blocks: 89.36.140.0/24 maxlen: 24
93.115.203.0/24 maxlen: 24
176.223.66.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1124622650 (0x4308613a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: May 18 09:01:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=886fdfe2ce2a076aadd631543e9fde1e574ec9c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4a:0c:0a:28:9b:b2:7f:d6:33:11:2b:f5:7c:
cb:dc:75:24:ad:1b:c4:9e:e1:38:bb:30:4c:f2:e2:
ad:4c:40:2e:0a:c5:a9:d8:dd:8b:7f:62:f6:d9:50:
b9:fc:bb:d7:01:77:64:52:93:e2:9c:a4:95:d1:dc:
f2:99:bd:a1:b6:bd:eb:2c:bb:49:3a:cd:cb:4d:2f:
64:aa:4d:ad:3b:59:48:23:9f:c7:4f:22:5f:70:a5:
58:9a:ce:d5:7e:d6:dd:47:d6:55:05:68:3b:6b:30:
46:2f:fe:a9:dc:11:38:74:60:51:80:88:d2:a1:2c:
1b:da:8b:6e:7c:b5:3f:bd:2e:2b:99:bb:ca:80:0a:
63:01:bb:fd:ee:bd:76:c3:c4:a9:f8:6d:36:df:2f:
7d:62:57:2f:a1:55:99:26:ab:30:e7:32:dc:27:88:
6e:56:d1:43:d9:49:90:ea:54:c1:4f:82:40:9a:99:
07:34:2f:e3:7c:f5:47:46:09:08:fb:0c:35:ad:3a:
e3:ad:69:27:f0:47:b1:c1:3e:ac:9c:dc:cd:9f:3f:
8e:aa:82:42:fb:e3:ca:be:7d:1b:83:0f:c2:93:f2:
f5:dd:15:9c:80:e0:bb:a5:06:20:e5:ca:55:e6:be:
a5:42:26:c5:3a:d1:ac:c2:97:16:b3:8f:31:57:9b:
c1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:6F:DF:E2:CE:2A:07:6A:AD:D6:31:54:3E:9F:DE:1E:57:4E:C9:C7
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/iG_f4s4qB2qt1jFUPp_eHldOycc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.140.0/24
89.40.36.0/24
93.115.203.0/24
128.0.41.0/24
176.223.66.0/24
Signature Algorithm: sha256WithRSAEncryption
f0:9e:5f:ac:08:e5:c4:28:e1:f7:53:19:03:30:16:f2:1e:0a:
d1:fb:19:26:e1:14:b1:10:c2:fd:c5:f7:8f:43:bc:75:db:51:
df:d4:e9:43:cb:ba:f0:d9:36:45:bf:df:f4:d8:92:cb:fd:37:
aa:a0:4c:ea:f5:2d:a9:de:27:5e:f5:8e:60:1c:ad:1b:22:41:
af:d5:82:67:77:20:1d:35:24:14:ae:fe:4c:0e:5e:e6:b1:3f:
fb:09:1c:d9:05:c8:e0:72:2c:b0:e7:ec:9b:0b:3b:8b:07:b0:
29:5a:04:bc:79:42:54:dd:98:d9:a2:b0:d7:78:58:80:08:4d:
c4:44:2f:71:2d:f0:11:39:88:d9:64:9a:ec:f7:ea:78:57:fa:
a0:a1:ea:fa:6b:29:24:5d:e6:32:49:22:d2:dc:59:01:0b:46:
77:18:7b:20:2f:78:c1:6a:25:60:2c:8e:98:4b:8d:a3:50:0c:
1e:21:3f:f2:e6:7d:50:1b:2f:31:77:16:ad:2b:42:81:98:f1:
a9:83:29:5a:ac:b3:c9:30:29:cd:1a:a5:64:af:a4:33:cc:db:
4e:92:6b:05:08:02:f3:e4:e1:5d:93:4c:8f:ee:2f:02:57:1b:
7c:a6:a3:94:62:56:21:02:12:8d:a5:63:ea:79:a2:86:7c:bf:
2b:75:10:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEQwhhOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDUx
ODA5MDExN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODg2ZmRmZTJjZTJh
MDc2YWFkZDYzMTU0M2U5ZmRlMWU1NzRlYzljNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFKDAoom7J/1jMRK/V8y9x1JK0bxJ7hOLswTPLirUxALgrF
qdjdi39i9tlQufy71wF3ZFKT4pykldHc8pm9oba96yy7STrNy00vZKpNrTtZSCOf
x08iX3ClWJrO1X7W3UfWVQVoO2swRi/+qdwROHRgUYCI0qEsG9qLbny1P70uK5m7
yoAKYwG7/e69dsPEqfhtNt8vfWJXL6FVmSarMOcy3CeIblbRQ9lJkOpUwU+CQJqZ
BzQv43z1R0YJCPsMNa06461pJ/BHscE+rJzczZ8/jqqCQvvjyr59G4MPwpPy9d0V
nIDgu6UGIOXKVea+pUImxTrRrMKXFrOPMVebwUECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSIb9/izioHaq3WMVQ+n94eV07JxzAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9pR19mNHM0cUIycXQxakZVUHBfZUhsZE95Y2Mucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSSMAwQAWSgkAwQAXXPLAwQA
gAApAwQAsN9CMA0GCSqGSIb3DQEBCwUAA4IBAQDwnl+sCOXEKOH3UxkDMBbyHgrR
+xkm4RSxEML9xfePQ7x121Hf1OlDy7rw2TZFv9/02JLL/TeqoEzq9S2p3ide9Y5g
HK0bIkGv1YJndyAdNSQUrv5MDl7msT/7CRzZBcjgciyw5+ybCzuLB7ApWgS8eUJU
3ZjZorDXeFiACE3ERC9xLfAROYjZZJrs9+p4V/qgoer6aykkXeYySSLS3FkBC0Z3
GHsgL3jBaiVgLI6YS42jUAweIT/y5n1QGy8xdxatK0KBmPGpgylarLPJMCnNGqVk
r6QzzNtOkmsFCALz5OFdk0yP7i8CVxt8pqOUYlYhAhKNpWPqeaKGfL8rdRBP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:12 2023 by rpki-client on console-fra.rpki-client.org